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DETAILED ACTION 

This application contains claims 1-2 and 15-48, which are drawn to an invention 
nonelected with traverse in the reply filed on 3/22/07. A complete reply to the final 
rejection must include cancellation of nonelected claims or other appropriate action (37 
CFR 1.144) See MPEP § 821.01. 

Claims 3-14 were examined. 

Information Disclosure Statement 

Documents listed in the IDS submitted on 9/18/07 were considered. 
Response to Amendment and Arguments 

Applicant's amendments were noted. Applicant's arguments were also fully 
noted, but were not persuasive. 

On page 10 of the remarks submitted, applicant states that Copeland's flows 
which the examiner construes as contexts are not generated based on content, but 
rather represent a series of packets corresponding to the network traffic between a host 
and a server. As such, applicant states that flows are request for content and are not 
generated based on the content. The examiner respectfully disagrees. In the broadest 
sense of the term as used in the claim, "content" is a thing. Applicant recognizes on 
page 10 of the remarks submitted that a network "flow" is the corresponding packets 
transmitted between the host and server. Packets are contents which are transmitted 
and received between the host and server. Because the network flows are comprised 
of or made from network packets, these flows are generated based on content, i.e. 
packets, received by the network accessible apparatus, i.e. the host and/or server. As 
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such, the limitation of generating a context based on content received by the network 
accessible apparatus is met by Copeland, contrary to applicant's argument. 

On page 1 1 of the remarks submitted, applicant argues that Copeland fails to 
disclose wherein the context issues a command to perform a specific operation. 
Applicant states that the network flows disclosed by Copeland already includes a 
command, which was issued by the host, thus the flow/context disclosed by Copeland 
does not issue a command to perform a specific operation. The examiner notes that the 
word "issue" can mean to send out, put forth, or deliver. In other words, the limitation 
under contention could be interpreted to mean that the context sends out, puts forth, or 
delivers a command to perform a specific operation. As admitted by applicant on page 
10 of the remarks submitted, the network flows disclosed by Copeland are comprised of 
packets, i.e. packets which carries the command generated by the host. Since it is the 
network flow which causes the packets containing the commands generated by the host 
to be delivered to the server, one can interpret that the flow issues/delivers a command 
to perform a specific operation. 

Applicant states that the arguments for claim 12 are similar to those for claim 3. 
As such, the arguments for claim 12 are traversed using the same reasoning as what 
was presented above for claim 3. The arguments to the dependent claims were that 
they should be allowed due to dependency on independent claims 3 and 12. However, 
because the arguments for claims 3 and 12 were traversed, the dependent claims are 
also not allowable. 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Note that with respect to the current application, it is determined that one of 
ordinary skill in the art at the time applicant's invention was made is someone having at 
least a BS in Computer Science or Engineering and having experience with network 
security (or someone with equivalent industry experience). 

Claims 3-7 and 9-1 1 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Copeland III (US 2002/0144156) in view of Hasuo et al (US 5,367,704). 
Claim 3: 

Copeland discloses: 

1. Generating a context, i.e. flow, based on content, i.e. packets, received by the 
network accessible apparatus (paragraphs 47 and 53). A flow is communication 
in which data is sent and acknowledged, i.e. received by a network accessible 
apparatus. One skilled in the art of should appreciate that communication 
between two network devices requires that packets be sent, thus because 
communication flow is generated based on packets, the limitation is met 
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2. Identifying whether the context, i.e. flow, is a reliable context or an unreliable 
context, wherein the context issues a command to perform a specific operation 
(paragraphs 20, 82, and 85). The cited sections disclose program flows being 
analyzed to identify whether or not they are authorized. Note that the program 
flows issues/delivers various command, such as view email stored in an email 
server as discussed in paragraph 82. 

3. Determining that the specific operation is not permitted when the context is an 
unreliable context (paragraphs 85-86). The cited paragraph determined that chat 
and viewing webpage is not permitted because the flows are of types not 
allowed, i.e. they are unreliable. 

4. Outputting an error message, i.e. alarm, when the specific operation is not 
permitted (paragraphs 85-86). 

Copeland does not explicitly disclose not performing the specific operation when 
the specific operation is not permitted. However, the limitation is disclosed by Hasuo 
(col 3, lines 12-48). At the time applicant's invention was made, it would have been 
obvious to one of ordinary skill in the art to modify Copeland's invention such that if a 
specific operation is not permitted, not performing the specific operation. One skilled 
would have been motivated to do so because it is standard practice in the art to prevent 
unauthorized execution of operations that has been banned or not allowed in a 
computer or network. 
Claim 4: 
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Hasuo further discloses wherein the issuing of the command comprises 
identifying a reliability of the context based on a flag of a memory into which the context 
that issues the command is loaded (col 3, lines 12-48). Note that Hasuo actually uses 
two flags. One is the name of the program in an allowed program list and the other is a 
limit value which indicates when a program and its corresponding commands are 
allowed execution. 
Claim 5: 

Hasuo discloses not performing an unauthorized operation (col 3, lines 12-48) 
and Copeland discloses outputting the error message (paragraphs 85-86). However, 
neither reference explicitly discloses not performing a preload when the context 
commands to preload a markup document to secure seamless reproduction of AV data. 
However, the examiner take official notice that performing a preload when the context 
commands to preload a markup document to secure seamless reproduction of AV data 
was well known in the art at the time applicant's invention was made. The limitation 
reads on buffering AV data that is played in a browser. In light of Hasuo's teachings of 
not performing an unauthorized operation, it would have been obvious to one skilled in 
the art to also not perform the operation of preloading a markup document if the context 
is not authorized. One skilled would have been motivated to do so because not 
preloading when the context is not authorized would prevent valuable bandwidth from 
being wasted. Note Copeland recognized wasting of bandwidth as a concern 
(paragraph 86). Also, as per Hasuo's teachings, all unauthorized program execution 
and commands are to be prohibited. 
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Claim 6: 

Hasuo discloses not performing an unauthorized operation (col 3, lines 12-48) 
and Copeland discloses outputting the error message (paragraphs 85-86). However, 
neither reference explicitly discloses not performing a deletion when the context 
commands to delete data that is preloaded in a memory of the network accessible 
apparatus. However, official notice is taken that context commands to delete data that 
is preloaded in memory of a network accessible apparatus was well known in the art at 
the time applicant's invention was made, i.e. deleting data from network storage. In 
light of Hasuo's teachings of not performing an unauthorized operation, it would have 
been obvious to one skilled in the art to also not perform the operation of deleting data 
that is preloaded in a memory of the network accessible apparatus when the context is 
unauthorized. One skilled would have been motivated to do so because it would 
prevent a hacker from deleting information from a server that they are not authorized to 
access. Also, as per Hasuo's teachings, all unauthorized program execution and 
commands are to be prohibited. 
Claim 7: 

Hasuo discloses not performing an unauthorized operation (col 3, lines 12-48) 
and Copeland discloses outputting the error message (paragraphs 85-86). Copeland 
also discloses trying to prevent unauthorized accessing of a web page (paragraph 86), 
thus together, Copeland and Hasuo renders obvious the limitation of not performing 
access when the context commands to access data that is recorded on a disk mounted 
in the network accessible apparatus and outputting the error message. Note that a 
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web page is recorded on a web server and viewing the web page means accessing it. 
As per Hasuo's teachings, all unauthorized program execution and commands are to be 
prohibited. 
Claim 9: 

Hasuo discloses not performing an unauthorized operation (col 3, lines 12-48) 
and Copeland discloses outputting the error message (paragraphs 85-86). However, 
neither reference explicitly discloses not performing access when the context 
commands to access cookies that are stored in the network accessible apparatus by 
another context. However, official notice is taken that cookies stored on web servers 
were well known in the art at the time applicant's invention was made as well as 
commands to access the cookies stored on the web servers. At the time applicant's 
invention was made, it would have been obvious to not perform cookie access when a 
cookie access command was issued by an unauthorized context/application. One 
skilled would have been motivated to do so because as per Hasuo's teachings, all 
unauthorized program execution and commands are to be prohibited. 
Claim 10: 

Hasuo discloses not performing an unauthorized operation (col 3, lines 12-48) 
and Copeland discloses outputting the error message (paragraphs 85-86). Copeland 
also discloses attempting to perform access when the context commands to access 
another context that is operated in the network accessible apparatus (paragraphs 82 
and 86). Together, the teachings of Copeland and Hasuo render obvious the limitation 
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of not performing access when the context commands to access another context that is 
operated in the network accessible apparatus and outputting the error message. 
Claim 11: 

Hasuo discloses not performing an unauthorized operation (col 3, lines 12-48) 
and Copeland discloses outputting the error message (paragraphs 85-86). However, 
neither reference explicitly discloses not performing control when the context 
commands to control a reproducing engine, which reproduces AV data recorded on a 
disk mounted in the network accessible apparatus. However, official notice is taken that 
performing control when context commands to control a reproducing engine, which 
reproduces AV data recorded on a disk mounted in the network accessible apparatus, 
i.e. replicating AV data to an optical drive, was well known in the art at the time 
applicant's invention was made. It would have been obvious to one of ordinary skill in 
the art to further modify Copeland's invention according to the limitations recited in claim 
1 1 because as per Hasuo's teachings, all unauthorized program execution and 
commands are to be prohibited. 



Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Copeland 
III (US 2002/0144156) in view of Hasuo et al (US 5,367,704) in further view of 
Goodwin, III et al (US 2002/006591). 
Claim 8: 



Application/Control Number: 10/673,368 Page 10 

Art Unit: 2135 

Hasuo discloses not performing an unauthorized operation (col 3, lines 12-48) 
and Copeland discloses outputting the error message (paragraphs 85-86). Neither 
reference explicitly discloses not performing access with the context to access another 
frame through a frame. However, accessing a frame through another frame, i.e. 
accessing a webpage from another webpage, was well known in the art at the time 
applicant's invention was made as disclosed by Goodwin (paragraph 37). 

At the time applicant's invention was made, it would have been obvious to one 
skilled in the art to further modify Copeland's invention according to the limitations 
recited in claim 8. One skilled would have been motivated to do so because as per 
Hasuo's teachings, all unauthorized program execution and commands are to be 
prohibited. 

Claims 12-14 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Copeland III (US 2002/0144156) in view of Humes (US 5,996,011). 
Claim 12: 

Copeland discloses: 

1 . Issuing a command by a reliable context to read a content (paragraph 82). Note 
that a command is issued by an authorized flow to read email stored in a server. 

2. Identifying whether the command is a reliable request or an unreliable request 
based on syntax of the command (paragraphs 1 1 6 and 118). The packet header 
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of the flow is analyzed to identify if the packet carries a reliable or unreliable 
request A reliable request would have proper header syntax. 
3. Generating a reliable context corresponding to the content when the command is 
a reliable request (paragraph 82). Since the computer is authorized to utilized 
SMTP to access email, no alarm is generated. One can reasonably assume then 
that access to the email is allowed and a reliable context is generated which 
allows the user to view the email. 

Copeland does not explicitly disclose generating an unreliable context when the 
command is the unreliable request. However, the limitation is disclosed by Humes (col 
3, lines 14-22). The cited portion of Humes discloses a "forbidden" page being sent to 
the user to indicate that the request for the particular page was unreliable, i.e. 
unauthorized. Because the "forbidden" page was not the page the user requested, the 
context, i.e. page, generated is unreliable. At the time applicant's invention was made, 
it would have been obvious to one of ordinary skill in the art to modify Copeland's 
invention according to the limitations recited in claim 12 in light of Humes's teachings. 
One skilled would have been motivated to do so because generating an unreliable 
context would alert the user that they are performing a function that they have not yet 
been authorized to do so. 
Claim 13: 
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Copeland further disclose wherein the content corresponding to the reliable 
context is recorded on a disk mounted in the network accessible apparatus, i.e. email 
server (paragraph 82). 
Claim 14: 

Copeland further discloses wherein the command recorded as a "http://" request 
in the content corresponding to the reliable context is determined as the reliable 
request, and the command recorded as an "httpu://" request in the content 
corresponding to the reliable context is determined as the unreliable request (Fig 1, 
Host data table 166). 

Note that an http command is a command over TCP. Table 166 shows the host 
is authorized to act as a server accepting http commands over TCP as a server. 
However, there is no indication in the table which indicates that http commands are 
allowable over UDP. Http commands over UDP are httpu requests. Thus the limitation 
further recited in claim 14 is disclosed by Copeland. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 
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A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ponnoreay Pich whose telephone number is 571-272- 
7962. The examiner can normally be reached on 9:00am-4:30pm Mon-Thurs. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Ponnoreay Pich 
Examiner 
Art Unit 21 35 
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